India’s Government cyber security watchdog, CERT (Computer Emergency Response Team) has issued multiple vulnerabilities for products ranging from Adobe Reader to Microsoft’s Internet explorer and more.
As per a vulnerability note issued with regard to Adobe Reader, CERT-In has warned Adobe users that a sandbox-bypass vulnerability has been reported in Adobe Reader and Acrobat which could be used by potential attackers to bypass sandbox protection on Windows Platform.
The severity rating for this issue has been set by the Government agency to HIGH, indicating that the issue is of serious concern and users nee to fix it immediately to prevent any sort of potential hacking.
A solution to this fix has been provided by Adobe here. In its response to this issue, Adobe has indeed accepted the fact that certain “isolated” attacks on users with Windows platform have taken place.
Similarly, CERT-In has also issued a slew of “vulnerability notes” for several Microsoft products. One of the most severe of them is the one issued with respect to Internet Explorer.
As per CERT-In’s security note, Multiple vulnerabilities have been detected in Internet Explorer which could allow potential attackers to gain elevated privileges of the targeted system or allow execution of arbitrary code. The govt. agency has given a full length description of the issue, which can be accessed here. And, similar to Adobe’s note, a severity rating of HIGH has been allotted to Internet Explorer too.
A security bulletin has been issued by Microsoft and can be found here.
Not only IE, several other Microsoft products have been reported by India’s Computer Emergency Response Team which are of HIGH and MEDIUM severity. A screenshot from CERT-In’s website is shown below :